Web Application Analysis refers to all applications that are accessed through a browser. Security testing for your application is very important if data leaks or modifications are unacceptable and intolerable. For example, if a e-commerce applications, which sometimes involve banking transactions, security testing is critical. It should also ensure that sufficient authentication and authorization mechanisms are in place.

Security testing can be static or dynamic.

Static testing involves doing a static code analysis to check for any vulnerabilities. The goal is to understand the code flow and check for security threats by walking through the code.

Dynamic testing entails running the application to see if the response is as expected for the associated request. It is very similar to black box testing.